using System; 

using System.Linq; 

using Microsoft.AspNetCore.Mvc; 

using Microsoft.AspNetCore.Mvc.ApplicationModels; 
using Microsoft.AspNetCore.Mvc.Authorization; 


namespace MyCompany.Service 
{ 
public class AdminAreaAuthorization : |ControllerModelConvention 
{ 
private readonly string area; 
private readonly string policy; 


public AdminAreaAuthorization(string area, string policy) 
{ 

this.area = area; 

this.policy = policy; 
} 


public void Apply(ControllerModel controller) 
{ 
if (controller.Attributes.Any(a => 
a is AreaAttribute && (a as AreaAttribute).RouteValue.Equals(area, 
StringComparison.OrdinallgnoreCase)) 
|| controller.RouteValues.Any(r => 
r.Key.Equals("area", StringComparison.OrdinallgnoreCase) && 
r.Value.Equals(area, StringComparison.OrdinallgnoreCase))) 
{ 
controller.Filters.Add(new AuthorizeFilter(policy)); 
} 
} 
} 
} 


